44 const XMLDSIGNS =
'http://www.w3.org/2000/09/xmldsig#';
45 const SHA1 =
'http://www.w3.org/2000/09/xmldsig#sha1';
46 const SHA256 =
'http://www.w3.org/2001/04/xmlenc#sha256';
47 const SHA384 =
'http://www.w3.org/2001/04/xmldsig-more#sha384';
48 const SHA512 =
'http://www.w3.org/2001/04/xmlenc#sha512';
49 const RIPEMD160 =
'http://www.w3.org/2001/04/xmlenc#ripemd160';
50 const C14N =
'http://www.w3.org/TR/2001/REC-xml-c14n-20010315';
51 const C14N_COMMENTS =
'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments';
52 const EXC_C14N =
'http://www.w3.org/2001/10/xml-exc-c14n#';
53 const EXC_C14N_COMMENTS =
'http://www.w3.org/2001/10/xml-exc-c14n#WithComments';
54 const template =
'<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 56 <ds:SignatureMethod /> 59 const BASE_TEMPLATE =
'<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> 65 public $sigNode = null;
67 public $idKeys = array ();
69 public $idNS = array ();
71 private $signedInfo = null;
73 private $xPathCtx = null;
75 private $canonicalMethod = null;
79 private $searchpfx =
'secdsig';
85 private $validatedNodes = null;
93 $template = self::BASE_TEMPLATE;
94 if (! empty ( $prefix ))
96 $this->prefix = $prefix .
':';
107 $template = str_replace ( $search, $replace, $template );
110 $sigdoc->loadXML ( $template );
111 $this->sigNode = $sigdoc->documentElement;
117 private function resetXPathObj()
119 $this->xPathCtx = null;
127 private function getXPathObj()
129 if (empty ( $this->xPathCtx ) && ! empty ( $this->sigNode ))
131 $xpath =
new DOMXPath ( $this->sigNode->ownerDocument );
132 $xpath->registerNamespace (
'secdsig', self::XMLDSIGNS );
133 $this->xPathCtx = $xpath;
135 return $this->xPathCtx;
148 $uuid = md5 ( uniqid ( mt_rand (),
true ) );
149 $guid = $prefix . substr ( $uuid, 0, 8 ) .
"-" . substr ( $uuid, 8, 4 ) .
"-" . substr ( $uuid, 12, 4 ) .
"-" . substr ( $uuid, 16, 4 ) .
"-" . substr ( $uuid, 20, 12 );
165 return self::generateGUID ( $prefix );
182 $doc = $objDoc->ownerDocument;
186 $xpath =
new DOMXPath ( $doc );
187 $xpath->registerNamespace (
'secdsig', self::XMLDSIGNS );
188 $query =
".//secdsig:Signature";
189 $nodeset = $xpath->query ( $query, $objDoc );
190 $this->sigNode = $nodeset->item ( $pos );
191 return $this->sigNode;
204 $doc = $this->sigNode->ownerDocument;
205 if (! is_null ( $value ))
207 $node = $doc->createElementNS ( self::XMLDSIGNS, $this->prefix . $name, $value );
211 $node = $doc->createElementNS ( self::XMLDSIGNS, $this->prefix . $name );
225 case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315' :
226 case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments' :
227 case 'http://www.w3.org/2001/10/xml-exc-c14n#' :
228 case 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments' :
229 $this->canonicalMethod = $method;
232 throw new Exception (
'Invalid Canonical Method' );
234 if ($xpath = $this->getXPathObj ())
236 $query =
'./' . $this->searchpfx .
':SignedInfo';
237 $nodeset = $xpath->query ( $query, $this->sigNode );
238 if ($sinfo = $nodeset->item ( 0 ))
240 $query =
'./' . $this->searchpfx .
'CanonicalizationMethod';
241 $nodeset = $xpath->query ( $query, $sinfo );
242 if (! ($canonNode = $nodeset->item ( 0 )))
245 $sinfo->insertBefore ( $canonNode, $sinfo->firstChild );
247 $canonNode->setAttribute (
'Algorithm', $this->canonicalMethod );
260 private function canonicalizeData($node, $canonicalmethod, $arXPath = null, $prefixList = null)
263 $withComments =
false;
264 switch ($canonicalmethod)
266 case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315' :
268 $withComments =
false;
270 case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments' :
271 $withComments =
true;
273 case 'http://www.w3.org/2001/10/xml-exc-c14n#' :
276 case 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments' :
278 $withComments =
true;
281 if (is_null ( $arXPath ) && ($node instanceof DOMNode) && ($node->ownerDocument !== null) && $node->isSameNode ( $node->ownerDocument->documentElement ))
285 while ( $refnode = $element->previousSibling )
287 if ($refnode->nodeType == XML_PI_NODE || (($refnode->nodeType == XML_COMMENT_NODE) && $withComments))
293 if ($refnode == null)
295 $node = $node->ownerDocument;
298 return $node->C14N ( $exclusive, $withComments, $arXPath, $prefixList );
307 $doc = $this->sigNode->ownerDocument;
308 $canonicalmethod = null;
311 $xpath = $this->getXPathObj ();
312 $query =
"./secdsig:SignedInfo";
313 $nodeset = $xpath->query ( $query, $this->sigNode );
314 if ($signInfoNode = $nodeset->item ( 0 ))
316 $query =
"./secdsig:CanonicalizationMethod";
317 $nodeset = $xpath->query ( $query, $signInfoNode );
318 if ($canonNode = $nodeset->item ( 0 ))
320 $canonicalmethod = $canonNode->getAttribute (
'Algorithm' );
322 $this->signedInfo = $this->canonicalizeData ( $signInfoNode, $canonicalmethod );
323 return $this->signedInfo;
340 switch ($digestAlgorithm)
354 case self::RIPEMD160 :
358 throw new Exception (
"Cannot validate digest: Unsupported Algorithm <$digestAlgorithm>" );
360 $digest = hash ( $alg, $data,
true );
363 $digest = base64_encode ( $digest );
377 $xpath =
new DOMXPath ( $refNode->ownerDocument );
378 $xpath->registerNamespace (
'secdsig', self::XMLDSIGNS );
379 $query =
'string(./secdsig:DigestMethod/@Algorithm)';
380 $digestAlgorithm = $xpath->evaluate ( $query, $refNode );
382 $query =
'string(./secdsig:DigestValue)';
383 $digestValue = $xpath->evaluate ( $query, $refNode );
384 return ($digValue == base64_decode ( $digestValue ));
398 $xpath =
new DOMXPath ( $refNode->ownerDocument );
399 $xpath->registerNamespace (
'secdsig', self::XMLDSIGNS );
400 $query =
'./secdsig:Transforms/secdsig:Transform';
401 $nodelist = $xpath->query ( $query, $refNode );
402 $canonicalMethod =
'http://www.w3.org/TR/2001/REC-xml-c14n-20010315';
405 foreach ( $nodelist as $transform )
407 $algorithm = $transform->getAttribute (
"Algorithm" );
410 case 'http://www.w3.org/2001/10/xml-exc-c14n#' :
411 case 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments' :
412 if (! $includeCommentNodes)
418 $canonicalMethod =
'http://www.w3.org/2001/10/xml-exc-c14n#';
422 $canonicalMethod = $algorithm;
424 $node = $transform->firstChild;
427 if ($node->localName ==
'InclusiveNamespaces')
429 if ($pfx = $node->getAttribute (
'PrefixList' ))
432 $pfxlist = explode (
" ", $pfx );
433 foreach ( $pfxlist as $pfx )
435 $val = trim ( $pfx );
436 if (! empty ( $val ))
441 if (count ( $arpfx ) > 0)
443 $prefixList = $arpfx;
448 $node = $node->nextSibling;
451 case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315' :
452 case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments' :
453 if (! $includeCommentNodes)
459 $canonicalMethod =
'http://www.w3.org/TR/2001/REC-xml-c14n-20010315';
463 $canonicalMethod = $algorithm;
466 case 'http://www.w3.org/TR/1999/REC-xpath-19991116' :
467 $node = $transform->firstChild;
470 if ($node->localName ==
'XPath')
473 'query'=>
'(.//. | .//@* | .//namespace::*)[' . $node->nodeValue .
']',
474 'namespaces' => array()
476 $nslist = $xpath->query (
'./namespace::*', $node );
477 foreach ( $nslist as $nsnode )
479 if ($nsnode->localName !=
"xml")
481 $arXPath [
'namespaces'] [$nsnode->localName] = $nsnode->nodeValue;
486 $node = $node->nextSibling;
491 if ($data instanceof DOMNode)
493 $data = $this->canonicalizeData ( $objData, $canonicalMethod, $arXPath, $prefixList );
510 $includeCommentNodes =
true;
511 if ($uri = $refNode->getAttribute (
"URI" ))
513 $arUrl = parse_url ( $uri );
514 if (empty ( $arUrl [
'path'] ))
516 if ($identifier = $arUrl [
'fragment'])
522 $includeCommentNodes =
false;
523 $xPath =
new DOMXPath ( $refNode->ownerDocument );
524 if ($this->idNS && is_array ( $this->idNS ))
526 foreach ( $this->idNS as $nspf => $ns )
528 $xPath->registerNamespace ( $nspf, $ns );
531 $iDlist =
'@Id="' . $identifier .
'"';
532 if (is_array ( $this->idKeys ))
534 foreach ( $this->idKeys as $idKey )
536 $iDlist .=
" or @$idKey='$identifier'";
539 $query =
'//*[' . $iDlist .
']';
540 $dataObject = $xPath->query ( $query )->item ( 0 );
544 $dataObject = $refNode->ownerDocument;
549 $dataObject = file_get_contents ( $arUrl );
558 $includeCommentNodes =
false;
559 $dataObject = $refNode->ownerDocument;
561 $data = $this->
processTransforms ( $refNode, $dataObject, $includeCommentNodes );
566 if ($dataObject instanceof DOMNode)
569 if (! empty ( $identifier ))
571 $this->validatedNodes [$identifier] = $dataObject;
575 $this->validatedNodes [] = $dataObject;
588 if ($uri = $refNode->getAttribute (
"URI" ))
590 $arUrl = parse_url ( $uri );
591 if (empty ( $arUrl [
'path'] ))
593 if ($identifier = $arUrl [
'fragment'])
610 $xpath = $this->getXPathObj ();
611 $query =
"./secdsig:SignedInfo/secdsig:Reference";
612 $nodeset = $xpath->query ( $query, $this->sigNode );
613 if ($nodeset->length == 0)
615 throw new Exception (
"Reference nodes not found" );
617 foreach ( $nodeset as $refNode )
631 $docElem = $this->sigNode->ownerDocument->documentElement;
632 if (! $docElem->isSameNode ( $this->sigNode ))
634 $this->sigNode->parentNode->removeChild ( $this->sigNode );
636 $xpath = $this->getXPathObj ();
637 $query =
"./secdsig:SignedInfo/secdsig:Reference";
638 $nodeset = $xpath->query ( $query, $this->sigNode );
639 if ($nodeset->length == 0)
641 throw new Exception (
"Reference nodes not found" );
644 $this->validatedNodes = array ();
645 foreach ( $nodeset as $refNode )
650 $this->validatedNodes = null;
651 throw new Exception (
"Reference validation failed" );
665 private function addRefInternal($sinfoNode, $node, $algorithm, $arTransforms = null, $options = null)
670 $overwrite_id =
true;
672 if (is_array ( $options ))
674 $prefix = empty ( $options [
'prefix'] ) ? null : $options [
'prefix'];
675 $prefix_ns = empty ( $options [
'prefix_ns'] ) ? null : $options [
'prefix_ns'];
676 $id_name = empty ( $options [
'id_name'] ) ?
'Id' : $options [
'id_name'];
677 $overwrite_id = ! isset ( $options [
'overwrite'] ) ? true : ( bool ) $options [
'overwrite'];
678 $force_uri = ! isset ( $options [
'force_uri'] ) ? false : ( bool ) $options [
'force_uri'];
681 if (! empty ( $prefix ))
683 $attname = $prefix .
':' . $attname;
686 $sinfoNode->appendChild ( $refNode );
692 $uri = $prefix_ns ? $node->getAttributeNS ( $prefix_ns, $id_name ) : $node->getAttribute ( $id_name );
696 $uri = self::generateGUID ();
697 $node->setAttributeNS ( $prefix_ns, $attname, $uri );
699 $refNode->setAttribute (
"URI",
'#' . $uri );
703 $refNode->setAttribute (
"URI",
'' );
706 $refNode->appendChild ( $transNodes );
707 if (is_array ( $arTransforms ))
709 foreach ( $arTransforms as $transform )
712 $transNodes->appendChild ( $transNode );
713 if (is_array ( $transform ) && (! empty ( $transform [
'http://www.w3.org/TR/1999/REC-xpath-19991116'] )) && (! empty ( $transform [
'http://www.w3.org/TR/1999/REC-xpath-19991116'] [
'query'] )))
715 $transNode->setAttribute (
'Algorithm',
'http://www.w3.org/TR/1999/REC-xpath-19991116' );
716 $XPathNode = $this->
createNewSignNode (
'XPath', $transform [
'http://www.w3.org/TR/1999/REC-xpath-19991116'] [
'query'] );
717 $transNode->appendChild ( $XPathNode );
718 if (! empty ( $transform [
'http://www.w3.org/TR/1999/REC-xpath-19991116'] [
'namespaces'] ))
720 foreach ( $transform [
'http://www.w3.org/TR/1999/REC-xpath-19991116'] [
'namespaces'] as $prefix => $namespace )
722 $XPathNode->setAttributeNS (
"http://www.w3.org/2000/xmlns/",
"xmlns:$prefix", $namespace );
728 $transNode->setAttribute (
'Algorithm', $transform );
732 elseif (! empty ( $this->canonicalMethod ))
735 $transNodes->appendChild ( $transNode );
736 $transNode->setAttribute (
'Algorithm', $this->canonicalMethod );
741 $refNode->appendChild ( $digestMethod );
742 $digestMethod->setAttribute (
'Algorithm', $algorithm );
744 $refNode->appendChild ( $digestValue );
754 public function addReference($node, $algorithm, $arTransforms = null, $options = null)
756 if ($xpath = $this->getXPathObj ())
758 $query =
"./secdsig:SignedInfo";
759 $nodeset = $xpath->query ( $query, $this->sigNode );
760 if ($sInfo = $nodeset->item ( 0 ))
762 $this->addRefInternal ( $sInfo, $node, $algorithm, $arTransforms, $options );
774 public function addReferenceList($arNodes, $algorithm, $arTransforms = null, $options = null)
776 if ($xpath = $this->getXPathObj ())
778 $query =
"./secdsig:SignedInfo";
779 $nodeset = $xpath->query ( $query, $this->sigNode );
780 if ($sInfo = $nodeset->item ( 0 ))
782 foreach ( $arNodes as $node )
784 $this->addRefInternal ( $sInfo, $node, $algorithm, $arTransforms, $options );
797 public function addObject($data, $mimetype = null, $encoding = null)
800 $this->sigNode->appendChild ( $objNode );
801 if (! empty ( $mimetype ))
803 $objNode->setAttribute (
'MimeType', $mimetype );
805 if (! empty ( $encoding ))
807 $objNode->setAttribute (
'Encoding', $encoding );
809 if ($data instanceof DOMElement)
811 $newData = $this->sigNode->ownerDocument->importNode ( $data,
true );
815 $newData = $this->sigNode->ownerDocument->createTextNode ( $data );
817 $objNode->appendChild ( $newData );
830 $node = $this->sigNode;
832 if (! $node instanceof DOMNode)
836 if ($doc = $node->ownerDocument)
838 $xpath =
new DOMXPath ( $doc );
839 $xpath->registerNamespace (
'secdsig', self::XMLDSIGNS );
840 $query =
"string(./secdsig:SignedInfo/secdsig:SignatureMethod/@Algorithm)";
841 $algorithm = $xpath->evaluate ( $query, $node );
868 $doc = $this->sigNode->ownerDocument;
869 $xpath =
new DOMXPath ( $doc );
870 $xpath->registerNamespace (
'secdsig', self::XMLDSIGNS );
871 $query =
"string(./secdsig:SignatureValue)";
872 $sigValue = $xpath->evaluate ( $query, $this->sigNode );
873 if (empty ( $sigValue ))
875 throw new Exception (
"Unable to locate SignatureValue" );
877 return $objKey->verifySignature ( $this->signedInfo, base64_decode ( $sigValue ) );
888 return $objKey->signData ( $data );
896 public function sign($objKey, $appendToNode = null)
899 if ($appendToNode != null)
901 $this->resetXPathObj ();
903 $this->sigNode = $appendToNode->lastChild;
905 if ($xpath = $this->getXPathObj ())
907 $query =
"./secdsig:SignedInfo";
908 $nodeset = $xpath->query ( $query, $this->sigNode );
909 if ($sInfo = $nodeset->item ( 0 ))
911 $query =
"./secdsig:SignatureMethod";
912 $nodeset = $xpath->query ( $query, $sInfo );
913 $sMethod = $nodeset->item ( 0 );
914 $sMethod->setAttribute (
'Algorithm', $objKey->type );
915 $data = $this->canonicalizeData ( $sInfo, $this->canonicalMethod );
916 $sigValue = base64_encode ( $this->
signData ( $objKey, $data ) );
918 if ($infoSibling = $sInfo->nextSibling)
920 $infoSibling->parentNode->insertBefore ( $sigValueNode, $infoSibling );
924 $this->sigNode->appendChild ( $sigValueNode );
930 public function appendCert()
941 $objKey->serializeKey ( $parent );
959 $document = $node->ownerDocument;
960 $signatureElement = $document->importNode ( $this->sigNode,
true );
961 if ($beforeNode == null)
963 return $node->insertBefore ( $signatureElement );
967 return $node->insertBefore ( $signatureElement, $beforeNode );
979 $beforeNode = $insertBefore ? $parentNode->firstChild : null;
991 $certs = self::staticGet509XCerts ( $cert, $isPEMFormat );
992 if (! empty ( $certs ))
1010 $certlist = array ();
1011 $arCert = explode (
"\n", $certs );
1013 foreach ( $arCert as $curData )
1017 if (strncmp ( $curData,
'-----BEGIN CERTIFICATE', 22 ) == 0)
1024 if (strncmp ( $curData,
'-----END CERTIFICATE', 20 ) == 0)
1027 $certlist [] = $data;
1031 $data .= trim ( $curData );
1054 public static function staticAdd509Cert($parentRef, $cert, $isPEMFormat =
true, $isURL =
false, $xpath = null, $options = null)
1058 $cert = file_get_contents ( $cert );
1060 if (! $parentRef instanceof DOMElement)
1062 throw new Exception (
'Invalid parent Node parameter' );
1064 $baseDoc = $parentRef->ownerDocument;
1065 if (empty ( $xpath ))
1067 $xpath =
new DOMXPath ( $parentRef->ownerDocument );
1068 $xpath->registerNamespace (
'secdsig', self::XMLDSIGNS );
1070 $query =
"./secdsig:KeyInfo";
1071 $nodeset = $xpath->query ( $query, $parentRef );
1072 $keyInfo = $nodeset->item ( 0 );
1076 $pfx = $parentRef->lookupPrefix ( self::XMLDSIGNS );
1077 if (! empty ( $pfx ))
1079 $dsig_pfx = $pfx .
":";
1082 $keyInfo = $baseDoc->createElementNS ( self::XMLDSIGNS, $dsig_pfx .
'KeyInfo' );
1083 $query =
"./secdsig:Object";
1084 $nodeset = $xpath->query ( $query, $parentRef );
1085 if ($sObject = $nodeset->item ( 0 ))
1087 $sObject->parentNode->insertBefore ( $keyInfo, $sObject );
1092 $parentRef->appendChild ( $keyInfo );
1097 $pfx = $keyInfo->lookupPrefix ( self::XMLDSIGNS );
1098 if (! empty ( $pfx ))
1100 $dsig_pfx = $pfx .
":";
1104 $certs = self::staticGet509XCerts ( $cert, $isPEMFormat );
1106 $x509DataNode = $baseDoc->createElementNS ( self::XMLDSIGNS, $dsig_pfx .
'X509Data' );
1107 $keyInfo->appendChild ( $x509DataNode );
1108 $issuerSerial =
false;
1109 $subjectName =
false;
1110 if (is_array ( $options ))
1112 if (! empty ( $options [
'issuerSerial'] ))
1114 $issuerSerial =
true;
1116 if (! empty ( $options [
'subjectName'] ))
1118 $subjectName =
true;
1122 foreach ( $certs as $X509Cert )
1124 if ($issuerSerial || $subjectName)
1126 if ($certData = openssl_x509_parse (
"-----BEGIN CERTIFICATE-----\n" . chunk_split ( $X509Cert, 64,
"\n" ) .
"-----END CERTIFICATE-----\n" ))
1128 if ($subjectName && ! empty ( $certData [
'subject'] ))
1130 if (is_array ( $certData [
'subject'] ))
1133 foreach ( $certData [
'subject'] as $key => $value )
1135 if (is_array ( $value ))
1137 foreach ( $value as $valueElement )
1139 array_unshift ( $parts,
"$key=$valueElement" );
1144 array_unshift ( $parts,
"$key=$value" );
1147 $subjectNameValue = implode (
',', $parts );
1151 $subjectNameValue = $certData [
'issuer'];
1153 $x509SubjectNode = $baseDoc->createElementNS ( self::XMLDSIGNS, $dsig_pfx .
'X509SubjectName', $subjectNameValue );
1154 $x509DataNode->appendChild ( $x509SubjectNode );
1156 if ($issuerSerial && ! empty ( $certData [
'issuer'] ) && ! empty ( $certData [
'serialNumber'] ))
1158 if (is_array ( $certData [
'issuer'] ))
1161 foreach ( $certData [
'issuer'] as $key => $value )
1163 array_unshift ( $parts,
"$key=$value" );
1165 $issuerName = implode (
',', $parts );
1169 $issuerName = $certData [
'issuer'];
1171 $x509IssuerNode = $baseDoc->createElementNS ( self::XMLDSIGNS, $dsig_pfx .
'X509IssuerSerial' );
1172 $x509DataNode->appendChild ( $x509IssuerNode );
1173 $x509Node = $baseDoc->createElementNS ( self::XMLDSIGNS, $dsig_pfx .
'X509IssuerName', $issuerName );
1174 $x509IssuerNode->appendChild ( $x509Node );
1175 $x509Node = $baseDoc->createElementNS ( self::XMLDSIGNS, $dsig_pfx .
'X509SerialNumber', $certData [
'serialNumber'] );
1176 $x509IssuerNode->appendChild ( $x509Node );
1180 $x509CertNode = $baseDoc->createElementNS ( self::XMLDSIGNS, $dsig_pfx .
'X509Certificate', $X509Cert );
1181 $x509DataNode->appendChild ( $x509CertNode );
1192 public function add509Cert($cert, $isPEMFormat =
true, $isURL =
false, $options = null)
1194 if ($xpath = $this->getXPathObj ())
1196 self::staticAdd509Cert ( $this->sigNode, $cert, $isPEMFormat, $isURL, $xpath, $options );
1212 $parentRef = $this->sigNode;
1213 $baseDoc = $parentRef->ownerDocument;
1214 $xpath = $this->getXPathObj ();
1215 if (empty ( $xpath ))
1217 $xpath =
new DOMXPath ( $parentRef->ownerDocument );
1218 $xpath->registerNamespace (
'secdsig', self::XMLDSIGNS );
1220 $query =
"./secdsig:KeyInfo";
1221 $nodeset = $xpath->query ( $query, $parentRef );
1222 $keyInfo = $nodeset->item ( 0 );
1226 $pfx = $parentRef->lookupPrefix ( self::XMLDSIGNS );
1227 if (! empty ( $pfx ))
1229 $dsig_pfx = $pfx .
":";
1232 $keyInfo = $baseDoc->createElementNS ( self::XMLDSIGNS, $dsig_pfx .
'KeyInfo' );
1233 $query =
"./secdsig:Object";
1234 $nodeset = $xpath->query ( $query, $parentRef );
1235 if ($sObject = $nodeset->item ( 0 ))
1237 $sObject->parentNode->insertBefore ( $keyInfo, $sObject );
1242 $parentRef->appendChild ( $keyInfo );
1245 $keyInfo->appendChild ( $node );
1262 return $this->validatedNodes;
addObject($data, $mimetype=null, $encoding=null)
static staticGet509XCerts($certs, $isPEMFormat=true)
appendKey($objKey, $parent=null)
static generate_GUID($prefix='pfx')
appendSignature($parentNode, $insertBefore=false)
createNewSignNode($name, $value=null)
locateSignature($objDoc, $pos=0)
__construct($prefix='ds')
addReference($node, $algorithm, $arTransforms=null, $options=null)
insertSignature($node, $beforeNode=null)
validateDigest($refNode, $data)
static get509XCert($cert, $isPEMFormat=true)
calculateDigest($digestAlgorithm, $data, $encode=true)
static staticAdd509Cert($parentRef, $cert, $isPEMFormat=true, $isURL=false, $xpath=null, $options=null)
add509Cert($cert, $isPEMFormat=true, $isURL=false, $options=null)
processTransforms($refNode, $objData, $includeCommentNodes=true)
sign($objKey, $appendToNode=null)
setCanonicalMethod($method)
static generateGUID($prefix='pfx')
addReferenceList($arNodes, $algorithm, $arTransforms=null, $options=null)